The BDO GovCon Week Ahead - June 2021
June 29, 2021
With Record High Contract Spending, Why Are There Less Small Business Contractors? We all know the proverbial titans of Government contracting, and that these power players have consistently been taking a larger and larger share of Government contracts, which means that there are fewer federal dollars available for the small business community. This notable drop in small business contractors has hit women-owned and veteran-owned businesses especially hard and spotlights a growing imbalance in the types of companies awarded contracts under the Government’s current acquisition practices.
According to the Women’s Chamber of Commerce, the federal acquisition process category management system has accelerated a notable decrease in the number of small businesses taking part in Government contracts. This decrease has presented itself through a 24% fall in small business concerns, a 22% fall in women-owned small business concerns, and a 17% fall in veteran-owned small business concerns since 2017. They also noted that, as contracts continue to balloon in value, small business concerns cannot compete with the too big to fail contractors who have the resources to take advantage of these massive contracts.
One facet of category management that is facing mounting blame for the decrease of small business contractors is the Best-in-Class tier system. This system bases procurements on three tiers ranking the economic suitability of a vendor; reduces competition to preferred contractors that ultimately comprise of a small percentage of the market and is over-represented by larger contractors; and was designed to save agencies money. There is no dispute that the Best-in-Class system has met this goal, but this achievement has ultimately come at the cost of smaller vendors who can’t break into the tiered system like their larger counterparts.
In an effort to expand small business representation in contracting, the Women’s Chamber of Commerce has offered two paths of remediation: First, an executive order could be signed to classify all small business concerns as tier 3 vendors or exempt these small businesses from reservations for best-in-class contractors. Alternatively, Congress could pass legislation exempting small business concerns from best-in-class contract limitations, which would give small business concerns the same level of participation with prime contractors as their larger competitors.
As these discussions continue to progress up the Government’s ranks, the Women’s Chamber of Commerce has noted that the Office of Management and Budget (OMB) has seen their report and recommendations. It will be interesting to see where these discussions go and what changes may be in the pipeline for small business contractors.
For more information, please click this link.
Communication Is the Bridge Between Confusion and Clarity: The United States Air Force (USAF) has released a draft request for proposals for a potential $750 million contract to address non-personal services for the Remotely Piloted Aircraft Squadron Operation Center Enterprise (RPA-SOC). The pre-solicitation notice posted on SAM.gov, states that the RPA-SOC contract is structured as a small business set-aside acquisition program with an ordering period of eight years. The USAF noted that the center is responsible for the planning of squadron level missions, the coordination of airspace tasks, data management, and the generation of tasking and targeting information.
According to the pre-solicitation synopsis, “The RPA-SOC provides capability for squadron level mission planning, airspace coordination, tasking/targeting updates, threat warning, data archival and retrieval, establishing and maintaining situational awareness, dissemination and support in areas of mission execution, intelligence, weather administration and communications.” The potential vendor will be asked to install, configure, operate, manage, and troubleshoot equipment and networks in order to support long-haul USAF communications, as well as to provide help desk functions.
The USAF is accepting questions, comments, and feedback until July 2, 2021 with the final RFP planned to be posted in late July/early August of 2021. Small business vendors interested in the proposal should continue to follow news on the contract vehicle on SAM.gov.
For more information, please click this link and this link.
If Everything Is the #1 Cybersecurity Priority, Is Anything? A couple of months ago, The National Institute of Standards and Technology (NIST) issued a call for position papers, in order to help establish its response and implementation efforts stemming from the Executive Order on Improving the Nation’s Cybersecurity. They received over 150 responses, and unsurprisingly, many of comments that they received were from industry and were centered around being as specific as possible in the definitions of terms like “critical software.” A narrowly defined scope of what constitutes critical software makes sense, otherwise, how can Government contractors be expected to prioritize what is truly critical and vulnerable to intrusion?
Two commenters took a slightly different approach. The Food and Drug Administration (FDA) and the National Science Foundation (NSF) commented on the complexities of narrowing the scope around what critical software entails. The FDA cited medical devices in their response… Obviously, software within a medical device is critical to the device functioning as intended, but the FDA also pointed out that there are several outside factors and third-party software applications that are also pivotal in ensuring that the device can be used safely and effectively. NSF cited the complex relationships with industrial control systems and how important things like utilities and the processes and software that manage those are.
While water, fuel, and electricity are resources that are outside of the scope of what most contractors can control and protect, it’s good to see federal agencies looking at the bigger picture, because it’s one thing to ensure that a life-saving medical device cannot be hacked, but what good is that device if it has to be plugged-in at a hospital and the hospital doesn’t have power. NIST has a difficult task on their hands, so stay tuned to see how they address the concerns raised by contractors and those from Federal agencies.
For more information, please click this link.
June 21, 2021
The Blacklist of Chinese Companies Keeps Growing: Government contractors may have noticed some additional questions as they’ve started the renewal process of their System for Award Management (SAM) representations and certifications. The Federal Acquisition Regulation (FAR) clause and provision 52.204-25 and -26 stipulate that contractors and potential contractors responding to government solicitations certify that they have performed a reasonable inquiry to ensure that they will not be purchasing, providing or using telecommunications equipment or services from a list of prohibited vendors.
In early June 2021, President Biden issued an executive order to expand the list of Chinese companies that American companies and individuals are prohibited from investing in or doing business with from 31 to 59 companies. Starting August 2, 2021, investors have one year to divest from those 59 companies with alleged links to Chinese military and surveillance, with the goal of ensuring that American investments are not supporting companies that compromise the security of the U.S. and its allies.
The list already included Huawei Technologies and its subsidiaries and affiliates, and now American firms are prohibited from holding investments in additional companies that provide satellite equipment, integrated circuits, optical components, and satellite communications equipment and software, in an effort to reduce cybersecurity risks and encourage American companies to invest in more companies stateside.
For more information please click this link and this link.
It’s a Good Time to be a Government Contractor: 2020 will go down in the history books for a countless number of reasons. One of these reasons, however, may not be what you would expect. 2020 represented the year that the federal government spent the most on contracts, a whopping $682 billion. This represents a notable $83 billion, or 14%, increase over government fiscal year (GFY) 2019’s then record-breaking $559 billion.
Although we may assume this record spending directly relates to the unprecedented federal response to the COVID-19 pandemic, that is not the entire story. GFY 2020 saw government contract spending on medical supplies increase by 50%, but spending on aircraft, ships, submarines and combat vehicles also increased by 41%. Another area that received notable growth is technology with spending on information technology seeing a year-over-year increase of $6.8 billion. But not all sectors were big winners. Miscellaneous and sustainment supplies related to physical equipment in government offices fell by over 13% as the pandemic triggered nationwide work-from-home mandates.
As in prior years, government contracting juggernaut Lockheed Martin topped the list of contractors receiving the most funding to the tune of around $76 billion, while Raytheon, General Dynamics, Boeing and Northrop Grumman followed in the top five. Additionally, the government is doubling down on its utilization of other transaction authority purchases—those made outside the traditional Federal Acquisition Regulation (FAR) structure—by dramatically increasing spending to $18 billion.
This record may not last long, as the government is expected to continue record spending on contracts at least through GFY 2021. This is driven largely by February’s $1.9 trillion stimulus package and the GFY 2021 spending bill which topped $1.4 trillion in discretionary spending.
For more information, please click this link.
It’s Not You, It’s Me - Proposed Changes to Expand Post-Award Debriefings: Breakups, job interviews and competitive solicitations … These are a few of the events in a government contractor’s life that lead individuals to look inward and try to figure out what they could have done differently to affect the outcome of a decision. While Cosmo and LinkedIn are chock full of articles to address the first two events, contractors are left with post-award debriefings and protests to ascertain what they can do differently on future proposals. Within industry, the over-arching feeling is unsuccessful offerors generally have not been getting enough information from the post-award debriefs, so they have been turning to protests to glean as much information as they can about what made them “unsuccessful.”
A proposed change to the Department of Defense Federal Acquisition Regulation Supplement (DFARS) looks to change that. Contractors have until July 19 to comment on the proposed change which piggybacks on the 2018 interim guidance that permits an enhanced debriefing, if requested. The enhanced debriefing, which grants unsuccessful offerors a two-business-day period to ask their follow-up questions and gives the government five business days to respond, provides an alternative path to protests for contractors seeking clarification.
The catch is that, just as in some breakups and job interviews, sometimes the decision-makers just don’t provide the candid feedback that contractors are seeking, no matter how the questions are asked. In those cases, a protest may still be the most effective course of action to get answers, but the intent of the proposed change is to make sure that this isn’t normal. Government contractors should consider reviewing the language and commenting, even if they’ve never been on the receiving end of a debrief that just left them with more questions, because who is to say that the outcome will always be the one that they were hoping for, or that the debriefing that they receive will be so profound, that it will forever change how they propose on future work.
For more information, please click this link and this link.
June 14, 2021
The Best Defense Is a Good Offense: On May 27, 2021, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) quietly released a directive geared toward preventing the next pipeline system attack. Secretary of Homeland Security Alejandro N. Mayorkas stated, “The recent ransomware attack on a major petroleum pipeline demonstrates that the cybersecurity of pipeline systems is critical to our homeland security.”
The directive requires that critical pipeline owners and operators examine their existing cyber-related practices to identify any gaps, develop corrective actions, and report the results to TSA and the DHS Cybersecurity and Infrastructure Security Agency (CISA) within 30 days. It also requires that they designate a Cybersecurity Coordinator, who will be available 24/7, and that they will report suspected or confirmed cybersecurity incidents to CISA.
TSA is considering additional follow-on requirements, which is likely not a surprise to anyone who has been following the pipeline story. The DHS directive and any subsequent follow-ons are consistent with the Government-wide trend, where Government officials are recognizing that it’s not enough to respond to a cyber-attack after the fact. RaOfficials are calling on Federal agencies and their industry partners to proactively poke holes in their own systems and assess /address gaps before the next attack happens and critical services are brought to a screeching halt, or sensitive information is compromised.
For more information, please click this link.
U.S. Calls for Proposals to Combat Media Repression: As issues related to media censorship and the spread of misinformation continues to rise across the globe, The Defense Advanced Research Projects Agency (DARPA) is looking for new concepts that can help understand how authoritarian regimes control information. DARPA, under a program called Measuring the Information Control Environment (MICE) wants to develop artificial intelligence technology to “measure how digitally authoritarian regimes repress their populations at scale over the internet via censorship, blocking, or throttling,” according to a June 1, 2021 pre-solicitation notice posted on SAM.gov.
As technology evolves and more censorship tools are being used to suppress information, DARPA wants to track these events in real-time and develop certain countermeasures in cyberspace. “MICE-developed technology will continuously and automatically update and feed into easily-understood dashboards in order to develop comprehensive, real-time ground truth understanding of how countries conduct domestic information control.” The document outlining the program listed six topics the proposals must address in order to bolster efforts to combat the repression. These topics include the targeted information environment, scope and granularity of measurement, where and how information will be collected, tracking plan, presentation for end-users, and other uses for the technology developed under MICE.
Proposals for MICE are due June 30, 2021, and awards will be made under other transaction authority (OTA) with a total combined award value for both project phases of up to $1 million.
For more information, please click this link and this link.
No Summer Slump for Congress: Congress is not taking any time off as summer approaches, with numerous bills, ranging from new cybersecurity measures to moving agency operations outside of the Washington, D.C. area, making their rounds through Congress. If these bills make their way to President Biden’s desk and gain approval, they will present wide-ranging impacts to multiple Federal agencies.
Following numerous high-profile cyberattacks including that of the Colonial Pipeline and meat supplier JBS USA, one bill aims to require government contractors to develop and maintain vulnerability disclosure policies (VDP). In 2020, the Department of Homeland Security pushed Federal agencies to develop VDPs which would allow ethical hackers to detect security risks and report them to the organization so they could rectify those gaps before a malicious entity could exploit them. The colloquially named Contractor Cybersecurity Act would now require contractors to do the same, to prevent increasingly complex and disruptive cyberattacks.
Another bill on the docket includes a bill to relocate certain Federal agencies outside of the Washington D.C. area, to bring the Government and associated economic benefits to more Americans. The commission, helmed by various members of the House, Senate, and GSA administrator would be tasked with preparing relocation plans and an economic and workforce development study focusing on low-income communities or other areas that are best suited for various agencies.
Additional bills include ones to allow states and local entities to apply for annual cybersecurity improvement grants, a bill that requires all Federal agencies’ budget justifications and appropriation requests be made available to the public, and a bill to increase funding and Federal support for the National Science Foundation (NSF).
As these various bills make their way through Congress, massive changes may be on the horizon to multiple Federal agencies. It will be interesting to see what, if any, of these bills will make it to the finish line and how their impact may be felt.
For more information, please click this link.
June 8, 2021
It’s Here: CIO-SP4 Solicitation Issued Before Memorial Day Weekend: On May 25, 2021, the National Institutes of Health Information Technology Acquisition and Assessment Center (NITAAC) issued the long-awaited Chief Information Officer-Solutions and Partners 4 (CIO-SP4) solicitation. The 10-year, $50 billion follow-on Government-wide acquisition contract (GWAC) will contain a five year base period with five option years, intended to meet the IT needs across 10 task areas: IT services for biomedical research, health care and health sciences, CIO support, digital media, outsourcing, IT operations and maintenance, integration services, cybersecurity, digital Government and cloud services, enterprise resource planning, and software planning.
Now, you may be asking yourself: how will NITAAC weigh Federal Business System compliance into their evaluation of an offerors proposal? Largely, the requirements for the Accounting, Earned Value Management (EVM), Estimating, and Purchasing Systems are the same as described in the draft solicitation. It is important to note that there is no mention of needing a Cognizant Federal Agency (CFA)-approved EVM system in the solicitation. The solicitation reads, “If the offeror has an EVMS or cost / schedule control system that is compliant with [the American National Standards Institute/Electronic Industries Alliance standard 748] EIA-748, they shall award themselves 300 points. Only one member of an offerors [Contract Team Arrangement] CTA / [Joint Venture] JV or an affiliate need an EVMS, provided the offeror identify which member or affiliate has this, and how that member / affiliate would use the EVMS in the normal course of business for the offeror.” Offerors should plan to include documentation demonstrating compliance in the appropriate section of their proposals, but offerors without a CFA-approved EVMS should not panic.
Questions on the solicitation were due back on June 1, 2021, but offerors have until June 28, 2021 to submit their proposals. BDO’s Government Contracts professionals are available should potential offerors have any questions on the solicitation or on the scoring of Federal Business System compliance.
For more information, please click this link and this link.
Same Budget, Big Changes: Right before Memorial Day, the White House released the full Government fiscal year 2022 (FY22) budget request and, at first glance, it appears to be business as usual for the amount requested for the Department of Defense (DoD). However, the largely flat budget has some interesting changes included.
The budget request totals $715 billion for the DoD, or $753 billion when including total defense spending—which includes the Energy Department and other Federal agencies—represents a modest $12 billion increase over the FY21 budget. Business as usual, right? Wrong! The big story here is how these funds are being used.
Sources at the Pentagon noted that although the budget is largely flat, the DoD is using this opportunity to reallocate resources, accelerate modernization and strategic competition initiatives, and fund other projects with the extra funds from the withdrawal in Afghanistan. Here are some of the key budgetary changes:
- Removal of the Overseas Contingency Operations (OCO) account, which was set up as an emergency wartime fund, but has been used to pad defense spending and avoid budget caps
- The Army will see a small decrease in funding due to the drawdown in Afghanistan while the other branches are set to receive a modest increase
- In an effort to reallocate funds, plans are in place to retire certain legacy equipment including older combat ships, cruisers, and landing ships from the Navy, older A-10, F-15, F-16 and other aircraft from the Air Force, and outdated night vision and IT systems from the Army
- Increased funding will be available for artificial intelligence, space systems, research and development (R&D), and other emerging technologies
- A pay increase of 2.7% for both military and civilian personnel is planned
The budget faces opposition from both sides of the aisle, with lawmakers concerned it does not do enough to address evolving and emerging threats and is not enough to cover the necessary resources, equipment, and training our civilian and military personnel need. Further complicating matters, others are concerned the budget includes too much wasteful spending. Now that the budget has been officially released, it will be interesting to see what changes and concessions are made as it makes its way through the approval channels.
For more information, please click on this link.
Critical Infrastructure Providers Need a Major Cybersecurity Overhaul: Following the latest ransomware attack of the Colonial Pipeline, White House advisors are looking for ways to implement security workforce requirements for the nation’s critical infrastructure providers. Ransomware attacks have become increasingly present in the public and private sector, and as we see more and more business leaders shell out cash, we may see more of these events in the future. To combat future attacks and prevent nationwide infrastructure failures, the National Security Council (NSC) has tasked private sector advisors to investigate these critical providers’ cybersecurity systems.
The NSC has asked the private sector led National Infrastructure Advisory Council (NIAC) to perform a study and present its findings of ways to best incentivize critical providers to improve their cybersecurity workforce. One significant tool being considered is the implementation of specific cybersecurity standards within the Federal procurement requirements, which could lead to contractors being denied Federal contracts, if they cannot meet the standards. “We also think Federal procurement requirements are a really valuable tool,” said Jan Allman, Chief Executive Officer of Fincantieri Marinette Marine Corporation and a member of the NIAC. “So any private company bidding on Federally funded projects has to meet certain requirements, whether that's for meeting job quality training, standards or encouraging local hiring, or partnering with service providers to ensure that workers have access to the training they need to advance their careers.”
The NIAC presented an interim report on Thursday, May 20, 2021, which describes the three most pressing challenges that the critical infrastructure workforce faces to be lack of coordination, lack of diversity, and a disconnect with the traditional education system. The NIAC has stated that the final report is on track to be delivered in July 2021, which could help shape “one of the most important policy proposals for infrastructure in decades,” said NIAC Vice Chair Beverly Scott. Federal contractors should evaluate their current cybersecurity infrastructure and continue to monitor the NIAC’s final report, as changes to Federal procurement requirements will likely be arriving soon.
For more information, please click this link and this link.
SHARE